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Description 

Method and access multiplexer for quick access to data networks 



5 DSL methods (DSL = digital subscriber line) and in particular 

asymmetric DSL methods (ADSL = asymmetric digital subscriber line) 
are increasingly used for quick access to the Internet. In this 
situation, ADSL differs from symmetric DSL methods (SDSL = symmetric 
digital subscriber line) essentially in that in the case of ADSL 

10 different transfer rates are provided for uplink (transfer from 

subscriber to the internet) and downlink (transfer from the internet 
to the subscriber) . In this situation, the downlink transfer rate is 
regularly significantly (by a factor of 4 or 6, for example) higher 
than the uplink transfer rate since typically more data is 

15 transferred per unit of time over the downlink than over the uplink. 
In the case of SDSL, on the other hand, the transfer rates for 
downlink and uplink are the same. 

In the following the term "DSL" is used as a generic term both for 
20 "ADSL" and also for "SDSL" since the actual transfer rates and the 
ratio of the transfer rates between uplink and downlink are of no 
relevance to the present invention. 

A data terminal device of the subscriber, for example a PC (PC= 
25 personal computer) or a set- top box, is connected via a conventional 
copper twin wire to an access multiplexer (DSLAM) by means of an 
integrated or external modem to a DSLAM (DSLAM = DSL access 
multiplexer) . The DSLAM is located in an access node of the network 
provider, which provides the connection for the subscriber. 
30 Typically, a plurality of subscribers is connected via corresponding 
interface modules of a DSLAM to the DSLAM. 

In conventional DSL access networks, the DSLAM is linked to 
downstream network elements by means of an ATM network (ATM = 
35 asynchronous transfer mode) . 



The disadvantage in this situation is the fact that ATM networks are 
expensive and complicated both in their construction and in their 
operation since on the one hand the components of an ATM network 
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(switches for example) are expensive in comparison with components 
which support other transfer technologies and on the other hand each 
connection in an ATM network needs to administered separately. 

5 The object of the present invention is to set down a method and an 
access multiplexer for quick access to data networks, by means of 
which the disadvantages of the prior art are avoided. 

This object is achieved by a method for quick access to data 
10 networks on the basis of the preamble of Claim 1 through its 

characterizing features, and by an access multiplexer for .quick 
access to data networks on the basis of the preamble of Claim 7 
through its characterizing features. 

15 Preferred embodiments are set down in the dependent claims. 

According to the present invention, a method for quick access to 
data networks INT is provided in which data terminal devices Dl , D2 , 
D3 of subscribers are each connected by means of a modem Ml, M2 , M3 

20 respectively by way of a digital subscriber line DSLl, DSL2, DSL3 
respectively to an access multiplexer DSLAM, whereby for the 
purposes of data transfer between the data terminal devices Dl, D2, 
D3 and an access server B-RAS which is located downstream of the 
access multiplexer (DSLAM) , which serves to check the access 

25 authorization of the data terminal devices Dl, D2, D3 and establish 
the access to the data network (INT), the Point-to-Point Protocol 
over Ethernet PPPoE is used, according to which the link from the 
access multiplexer DSLAM to the access server B-RAS and to further 
components located downstream is implemented by means of an Ethernet 

30 network ETH. 

In accordance with the present invention, for quick access to data 
networks INT an access multiplexer DSLAM is additionally provided, 
to which data terminal devices Dl, D2 , D3 of subscribers are each 
35 connected by means of a modem Ml, M2 , M3 respectively by way of a 
digital subscriber line- DSLl, DSL2, DSL3 respectively, whereby for 
the purposes of data transfer between the data terminal devices Dl, 
D2, D3 and an access server B-RAS, which serves to check the access 
authorization of the data terminal devices Dl, D2, D3 and establish 
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the access to the data network (INT), the Point-to-Point Protocol 
over Ethernet PPPoE is used, whereby the access multiplexer DSLAM is 
connected to the access server (B-RAS) and to further components 
located downstream by means of an Ethernet network (ETH) . 

5 

An important advantage of the method according to the invention and 
of the access multiplexer DSLAM according to the invention consists 
in the fact that it is considerably more cost-effective to set up an 
Ethernet network than to set up an ATM network since Ethernet 
10 components are simpler and thus cheaper to manufacture. Maintenance 
and operation of an Ethernet network are likewise significantly more 
cost-effective since an Ethernet network is self-configuring and the 
network administration required in the case of ATM networks is thus 
dispensed with. 

15 

If the subscriber-side termination of the connection is implemented 
cost-effectively using Ethernet, there is a danger that as a result 
of the self-configuration capabilities of the Ethernet bridge EB 
required in conjunction with the access multiplexer DSLAM an attack 

20 on the DSLAM using a large number of falsified MAC addresses (MAC = 
media access control) causes the routing tables of the DSLAM to 
overflow. In addition, in the case of unfiltered Ethernet traffic, 
unauthorized connections between the data terminal devices Dl, D2, 
D3 are possible, for example. To the best advantage, all Ethernet 

25 frames which can not be assigned to an existing PPPoE connection or 
to a PPPoE connection which is set up are therefore discarded - 
Claims 2 and 8. 

To the best advantage, when using the invention the conventional 
30 link between the data terminal devices of the subscribers and the 
access multiplexer is retained. 

In one development of the method according to the invention and of 
the access multiplexer according to the invention, a combination 
35 with a method and/or with means offering overload protection is 
provided - Claims 3 to 5 and 9 to 11. The advantage of this 
combination consists in the fact that strong pulses or bursts of 
data traffic on the high bit rate Ethernet interface, which are to 
be routed to only one of the digital subscriber lines - which are 
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low bit rate when compared with the Ethernet interface can not 
result in an overload situation there since Ethernet frames are 
necessarily already discarded from the receive buffer of the 
Ethernet interface . Ethernet frames which are used for connection 
5 control are advantageously excluded from the discard strategy. 

The method according to the invention will be described in detail in 
the following as an embodiment with reference to a drawing, 

10 The single Figure 1 shows a schematic view of the network structure 
for quick access to a data network using a digital subscriber line. 

Figure 1 shows three data terminal devices Dl, D2, D3 which are each 
connected by means of a modem Ml, M2, M3 respectively by way of a 

15 digital subscriber line DSLl, DSL2, DSL3 respectively to an access 
multiplexer DSLAM. Typically, conventional (copper) telephone lines 
are used for quick access to the Internet INT using a digital 
subscriber line DSL, over which conventional analog or digital 
telephony services can be handled simultaneously. On the subscriber 

20 side this requires a splitter or filter Fl, F2 , F3 in each case for 
connecting each telephony terminal device Tl, T2, T3 . Although a 
coupling of the digital subscriber line DSL with conventional 
telephony services is normal, the present invention can also be used 
for DSL methods which do not provide this coupling. 

25 

The access multiplexer DSLAM separates telephony and data services 
and routes the telephony services for example over a conventional 
switching center TDM-Vst (TDM = time division multiplex) into the 
public telephone network PSTN (PSTN = public switched telephony 
30 network) . According to the invention, the data services are routed 

by way of an Ethernet network ETH to an access server B-RAS (B-RAS = 
broadband remote access server) and thence onto the Internet INT. 

For the purposes of data exchange between the access server B-RAS 
35 and one of the data terminal devices Dl, D2, D3 the PPPoE protocol 
(PPPoE = Point- to-Point Protocol over Ethernet) is used which 
transports PPP data (PPP = Point-to-Point Protocol), which in turn 
conveys IP data (IP = Internet Protocol) . 
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The PPPoE data is transferred between data terminal device D and 
modem M using Ethernet in the majority of cases. Other transfer 
methods between data terminal device D and modem M are for example 
ATM or the USB protocol (USB = Universal Serial Bus) . The transfer 
5 between modem M and access multiplexer DSLAM takes place by means of 
ATM. 

Since according to the invention the onward transportation does not 
take place - as has previously been customary - using ATM but by way 
10 of Ethernet, the PPPoE data is recovered in the access multiplexer 
and encapsulated in Ethernet frames for transfer over the Ethernet 
network ETH, in other words the already existing Ethernet header is 
supplemented with a checksum and an initial identifier. 

15 For this purpose the access multiplexer DSLAM has an Ethernet bridge 
EB which has filtering facilities to afford protection against 
denial-of -service attacks and unauthorized access. If the 
subscriber-side termination of the connection is implemented cost- 
effectively using Ethernet, there is a danger that as a result of 
20 the self -configuration capabilities of the Ethernet bridge EB an 

attack on the DSLAM using a large number of falsified MAC addresses 
will cause the routing tables of the DSLAM to overflow. In addition, 
in the case of unfiltered Ethernet traffic, unauthorized connections 
between the data terminal devices Dl, D2, D3 are possible, for 
25 example. In this situation, the following filter rules are applied: 
Ethernet frames are routed to the Ethernet bridge (EB) if the 
PPPoE header can be assigned to an existing connection confirmed 
by the access server (B-RAS) , or if the PPPoE header can be 
assigned to connection which is set up, whereby a timer is 
30 started when the connection is set up and when the timer times 

out the MAC address of the sending Ethernet component is removed 
from the routing tables of the Ethernet bridge (EB) provided that 
no confirmation of the connection set-up is given by the access 
server (B-RAS) before the timer times out, and 
35 - all other Ethernet frames which contain a PPPoE header are 
discarded, and 

all Ethernet frames which do not contain a PPPoE header are 
discarded. 
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As a result of this filtering, the aforementioned attacks or 
unauthorized access attempts are effectively suppressed. 



As a result of the different transfer rates of the subscriber-side 
5 interfaces DSLl, DSL2, DSL3 (currently a maximum 8 MBit/s, normally 
for example 1.5 MBit/s or 768 kBit/s or 512 kBit/s) and of the 
network-side Ethernet interface or Ethernet interfaces (currently a 
maximum 1 GBit/s, normally for example 100 MBit/s) of the access 
multiplexer DSLAM, situations can arise in the transfer direction 

10 toward the data terminal device D of a subscriber in which data is 

delivered over the Ethernet interface (s) at the maximum transfer rate 
(for example 100 MBit/s) for a single digital subscriber line DSL, 
over which the onward transportation of the data is only possible at 
a considerably lower transfer rate (for example 768 kBit/s) . As a 

15 result of the transfer method based on ATM, on the digital 

subscriber line DSL this can result in the user data traffic between 
access multiplexer DSLAM and data terminal device D coming to a 
complete standstill in spite of a transfer path operating under full 
load between access multiplexer DSLAM and modem M. 

20 

This is caused by the fact that data in the form of Ethernet frames 
or PPPoE frames is delivered from a receive buffer of the Ethernet 
interface (s) of the DSLAM at a high data rate, or transfer rate, to 
a send buffer of the ATM interface of the digital subscriber line 

25 DSL. Since Ethernet frames or PPPoE frames are typically 

considerably larger than ATM cells, a distribution of the frames 
over a plurality of ATM cells, each capable of conveying 48 bytes of 
used data, is required. This operation is known as segmentation. As 
a result of discard strategies in the send buffer of the ATM 

30 interface, the situation can now occur in which one or more of these 
ATM cells are discarded from each frame to be transferred, which 
results in the frames being transferred incompletely, discarded at 
the destination and begin requested again. 

35 In order to avoid a blocking of this type, in an advantageous 

development of the invention a mechanism is provided which uses a 
Random Early Discard (RED) strategy that is actually applied in the 
receive buffer of the Ethernet interface to reliably avoid overload 
situations before they actually arise. Discard strategies other than 
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RED can likewise be applied, for example a discard based on frame 
size or priority information. 

In order to control the discard of frames in the receive buffer of 
5 the Ethernet interface, the status of the send buffers of the ATM 
interfaces of the digital subscriber lines DSLl, DSL2, DSL3 is 
monitored by means of an appropriate logic circuit. As soon as this 
determines that the number of frames incoming per unit time by way 
of the receive buffer exceeds the number of frames outbound from 

10 there per unit time by a value to be specified according to the 
buffer sizes for one of the send buffers of the ATM interfaces, 
Ethernet frames which are to be conveyed to that particular send 
buffer will be discarded from the receive buffer of the Ethernet 
interface. To this end, it is necessary for a determination to 

15 actually be carried out in the receive buffer of the Ethernet 

interface as to where incoming frames are to be conveyed to, in 
other words an initial evaluation of the destination address should 
already be performed before the actual routing of a frame. 

20 If the number of frames outbound from the send buffer per unit time 
lies, for example as a result of major transfer disruptions on the 
digital subscriber line, below an initial threshold value which is 
to be defined, all incoming frames for this send buffer will be 
discarded. If the number of frames outbound from the send buffer per 

25 unit time lies above the first but below a second threshold value 
which is to be defined, frames are discarded according to the 
selected discard strategy either randomly or in accordance with 
criteria which are to be defined. Priority information relating to 
the conveyed frames or the frame length, for example, can be 

30 considered as possible criteria. Further threshold values can be 

defined in order to enable a sufficiently fine level of adjustment 
of the discard strategy, for example in order to support a greater 
number of priority values. In the simplest case, the second 
threshold value actually corresponds to the maximum data rate of the 

35 digital subscriber line DSL, in other words if the number of 

incoming frames per unit time for a special digital subscriber line 
DSL in the DSLAM is greater than the number of frames outbound with 
the maximum data rate of the digital subscriber line DSL, frames 
will be discarded in accordance with the selected discard strategy. 
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The discard of Ethernet frames is non-critical for the transfer of 
data insofar as higher protocol layers, for example the Transmission 
Control Protocol TCP, monitor the transfer and initiate the renewed 
5 transfer of lost information. 

According to a development of the invention, frames which are used 
for connection control purposes are not discarded. 

10 Although the invention has been described with reference to a DSL 

access multiplexer DSLAM, the method according to the invention and 
the access multiplexer according to the invention can also be 
applied to other methods for quick access to data networks in which 
the access multiplexer is linked to downstream components by mecins 

15 of a cost-effective Ethernet network. 



